Security Affairs

OCTOBER 15, 2019

Chinese-speaking cybercrime gang Rocke that carried out several large-scale cryptomining campaigns, has now using news tactics to evade detection. Chinese-speaking cybercrime gang Rocke, that carried out several large-scale cryptomining campaigns in past , has now using news tactics to evade detection. Pierluigi Paganini.

Cybercrime 91

Cybercrime DNS Malware Advertising 91

Krebs on Security

DECEMBER 29, 2022

Here’s a look at some of the more notable cybercrime stories from the past year, as covered by KrebsOnSecurity and elsewhere. This bold about-face dumbfounded many longtime Norton users because antivirus firms had spent years broadly classifying all cryptomining programs as malware. In 2016, while the U.S.

Cryptocurrency 288

Cryptocurrency Cybercrime Computers and Electronics Scams 288

SiteLock

AUGUST 27, 2021

And if you think that simply relying on antivirus software will get you through safely, there’s some more bad news. Some reports have suggested that today’s antivirus software can detect very few of the most dangerous types of malware – the stuff you really want to avoid. And the New York Times can testify to that.

Cybercrime 87

Cybercrime Small Business Antivirus Malware 87

Security Affairs

MARCH 18, 2020

In January, Chinese hackers have exploited another zero-day vulnerability in the Trend Micro OfficeScan antivirus in an attack that hit Mitsubishi Electric. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Authentication 137

Authentication Advertising Antivirus Cybercrime 137

Security Affairs

SEPTEMBER 22, 2018

The Latvian expert Ruslans Bondars (37), who developed and run the counter antivirus service Scan4You has been sentenced to 14 years in prison. Scan4you is a VirusTotal like online multi-engine antivirus scanning service that could be used by vxers to test evasion abilities of their malware against the major antiviruses.

Malware 111

Malware Antivirus Retail Advertising 111

Security Affairs

APRIL 27, 2020

The cybercrime gang also apologized for the damages they have caused their victims. Shade was considered one of the most dangerous threats in the cyber crime scenario, it has been active at least since 2014 when a massive infection was observed in Russian. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 145

Ransomware Advertising Antivirus Education 145

Security Affairs

MARCH 10, 2020

Microsoft is warning of human-operated ransomware, this kind of attack against businesses is becoming popular in the cybercrime ecosystem. Human-operated ransomware is a technique usually employed in nation-state attacks that is becoming very popular in the cybercrime ecosystem. ” continues Microsoft. Pierluigi Paganini.

Ransomware 144

Ransomware Cybercrime Social Engineering Banking 144

Security Affairs

SEPTEMBER 7, 2020

A recently discovered cybercrime gang, tracked as Epic Manchego , is using a new technique to create weaponized Excel files that are able to bypass security checks. Some antivirus solutions specifically analyze this section look for malicious VBA code in the Excel docs. Pierluigi Paganini. SecurityAffairs – hacking, Norway).

Cybercrime 134

Cybercrime Phishing Advertising Antivirus 134

Security Affairs

MARCH 31, 2025

The APT group has been launching cyber-espionage campaigns against Ukraine since at least 2014. The PowerShell code avoids antivirus detection by using Get-Command to execute the payload. The threat actor is using troop-related lures to deploy the Remcos RAT via PowerShell downloader. ” reads the Talos report.

Phishing 63

Phishing Antivirus Encryption Hacking 63

Security Affairs

DECEMBER 29, 2019

Experts uncovered a new tool dubbed BIOLOAD used by the FIN7 cybercrime group used as a dropper for a new variant of the Carbanak backdoor. Experts pointed out that the BIOLOAD’s WinBio.dll is still detected by a limited number of antivirus on VirusTotal scanning platform despite it was compiled nine months ago.

Cybercrime 93

Cybercrime Antivirus Identity Theft Advertising 93

The Last Watchdog

JUNE 21, 2020

The CryptoLocker wave went into a decline in June 2014 as a result of the so-called Operation Tovar , an initiative orchestrated by law enforcement agencies from multiple countries. The newsmaking emergence of CTB-Locker in 2014 and the CryptoWall ransomware in 2015 fully demonstrated this multi-pronged shift. pharma giant ExecuPharm.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

JULY 8, 2020

Since March 2019, Fxmsp announced in cybercrime forums the availability of information stolen from major antivirus companies located in the U.S. The conspirators often modified antivirus software settings to allow malware to continue to run undetected.” Attorney Brian T.

Hacking 111

Hacking Antivirus Advertising Cybercrime 111

Security Affairs

APRIL 14, 2019

The crooks used malicious emails purporting to be legitimate from such entities as Western Union, Norton AntiVirus and the IRS to spread the malware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Cryptocurrency 111

Cryptocurrency Identity Theft Advertising Accountability 111

Security Affairs

SEPTEMBER 7, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Generally speaking, removal/cleaning by antivirus is not a sufficient guarantee. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Send the samples (.doc Pierluigi Paganini.

Malware 143

Malware Advertising Antivirus Banking 143

Security Affairs

AUGUST 3, 2020

He had no previous criminal records at the time of the arrest, but it is known to be a member of a cybercrime forum to become an affiliate for the GandCrab ransomware operation. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 145

Ransomware Advertising Malware Hacking 145

Security Affairs

OCTOBER 11, 2020

ransomware displays ransom note in innovative way Carnival confirms data breach as a result of the August ransomware attack Google enhances malware protection for accounts enrolled in Advanced Protection Program (APP) Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns. Pierluigi Paganini.

Advertising 101

Advertising Ransomware Hacking Antivirus 101

Security Affairs

MARCH 19, 2020

Operators behind the Pysa ransomware, also employed a version of the PowerShell Empire penetration-testing tool, they were able to stop antivirus products. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Government 141

Government Ransomware Encryption Penetration Testing 141

Security Affairs

APRIL 17, 2019

The latest variant appeared in the cybercrime underground in December 2018, it was named HawkEye Reborn v9. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the analysis published by Talos.

Malware 108

Malware Antivirus Advertising Passwords 108

Security Affairs

NOVEMBER 4, 2018

” Kraken Cryptor is a ransomware-as-a-service (RaaS) affiliate program that first appeared in the cybercrime underground on August 16, 2018, it was advertised in a top-tier Russian-speaking cybercriminal forum by the threat actor ThisWasKraken. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 111

Ransomware Advertising Cybercrime Malware 111

Security Affairs

SEPTEMBER 20, 2019

Experts revealed that the botnet was used by the TA505 cybercrime gang to distribute the FlawedAmmy RAT and some email stealers. The Amedey malware sends back to the server several data, including a unique identifier of the infected system, the malware version, operating system, antivirus software, system name, and username.

Phishing 108

Phishing Social Engineering Malware Advertising 108

Krebs on Security

JULY 28, 2022

” Microleaves has long been classified by antivirus companies as adware or as a “potentially unwanted program” (PUP), the euphemism that antivirus companies use to describe executable files that get installed with ambiguous consent at best, and are often part of a bundle of software tied to some “free” download.

Advertising 269

Advertising Software Computers and Electronics Internet 269

Security Affairs

JANUARY 26, 2020

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Cisco Webex flaw allows unauthenticated remote attackers to join private meetings.

Data breaches 111

Data breaches Advertising Antivirus DDOS 111

Security Affairs

SEPTEMBER 16, 2019

The researchers provided evidence that the threat actors sold the purchased certificates to a cybercrime gang that used them to spread malware. The verification is done using a public antivirus scanning service, then the threat actors use the file scan record as “a clean bill of health” for potential buyers. Pierluigi Paganini.

Adware 105

Adware Advertising Marketing Antivirus 105

Security Affairs

DECEMBER 1, 2020

Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors. The experts warn that nation-state actors are adopting TTPs associated with cybercrime gangs to make it hard the attack attribution. ” Microsoft said.

Cryptocurrency 136

Cryptocurrency Antivirus Manufacturing Government 136

Security Affairs

JUNE 12, 2019

“The hospitality industry, and particularly their POS networks, continues to be one of the industries most targeted by cybercrime groups. What’s more, attackers know that many POS systems run with only rudimentary security as traditional antivirus is too heavy and requires constant updating that can interfere with system availability.”

Hacking 106

Hacking Malware Advertising Retail 106

Security Affairs

NOVEMBER 5, 2020

The technique was already employed by other Chinese APT groups since 2013, later it was also adopted by other cybercrime gangs in attacks in the wild. ’ In a first attack scenario, hackers leverage a Microsoft antivirus component to load mpsvc.dll that acts as a loader for Groza_1.dat. Pierluigi Paganini.

Malware 118

Malware Encryption Advertising Antivirus 118

Security Affairs

APRIL 21, 2019

Operator of Codeshop Cybercrime Marketplace Sentenced to 90 months in prison. Avast, Avira, Sophos and other antivirus solutions show problems after. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Computers and Electronics 93

Computers and Electronics Advertising Data breaches Spyware 93

Security Affairs

AUGUST 24, 2020

For instance, to disable built-in antivirus software, the attackers used Defender Control and Your Uninstaller. Group-IB’s technological leadership is built on the company’s 17 years of hands-on experience in cybercrime investigations around the world and 60 000 hours of cyber security incident response accumulated in one of ???

Threat Detection 127

Threat Detection Ransomware Advertising Cybercrime 127

Security Affairs

SEPTEMBER 22, 2020

The malicious code was initially advertised on many hacking forums for up to $300, later other threat actors started offering it for less than $80 in the cybercrime underground. Below the list of mitigations: Maintain up-to-date antivirus signatures and engines. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware 102

Malware Passwords Advertising Antivirus 102

SecureWorld News

APRIL 28, 2021

Troy Hunt and the FBI provided some recommendations for anyone that finds themselves in this collection of data: "Keep security software such as antivirus up to date with current definitions. It was first discovered in 2014 as a banking trojan, and quickly evolved to become a perfect solution for cybercriminals anywhere.

Banking 95

Banking Passwords Malware Password Management 95

Security Affairs

FEBRUARY 17, 2019

Astaroth Trojan relies on legitimate os and antivirus processes to steal data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. A new batch of 127 million records appears in the dark web. Pierluigi Paganini.

Advertising 94

Advertising Antivirus Malware Backups 94

Security Affairs

OCTOBER 12, 2019

In August 2018, three members of the notorious cybercrime gang have been indicted and charged with 26 felony counts of conspiracy, wire fraud, computer hacking, access device fraud and aggravated identity theft. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the Mandiant report.

Identity Theft 103

Identity Theft Hacking Advertising DNS 103

Security Affairs

DECEMBER 7, 2019

“According to the indictment, Bugat is a malware specifically crafted to defeat antivirus and other protective measures employed by victims. For over a decade, Maksim Yakubets and Igor Turashev led one of the most sophisticated transnational cybercrime syndicates in the world,” said U.S. Attorney Brady. Pierluigi Paganini.

Banking 97

Banking Malware Accountability Cybercrime 97

Security Affairs

NOVEMBER 19, 2019

To bypass antivirus systems, hackers send out malicious emails in non-working hours with delayed activation. Another technique used by cybercriminals to bypass antivirus systems is a targeted attack, in which malicious email are delivered outside regular working hours. More than 80% of all malicious files were disguised as .zip

Ransomware 98

Ransomware Antivirus Malware Banking 98

Security Affairs

JULY 27, 2018

“ CoinVault ransomware was first spotted in the wild in May 2014, it infected more than 14,000 Windows computers worldwide, most of them in the Netherlands, the US, the UK, Germany, and France. In order to protect your computer from malware: Ensure your system software and antivirus definitions are up-to-date. Pierluigi Paganini.

Ransomware 69

Ransomware Advertising Antivirus Cybercrime 69

Security Affairs

AUGUST 28, 2019

Earlier this year, malware researchers from Avast antivirus firm discovered a design flaw in the C&C protocol of the botnet that could have been exploited to remove the malware from infected computers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware 110

Malware Advertising Antivirus Cryptocurrency 110

Security Affairs

APRIL 9, 2020

To trick antivirus software, threat actors include the passwords for accessing the content in the email subject line, in the archive name, or in subsequent correspondence with the victim. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Group-IB is a member of the World Economic Forum. .

Phishing 141

Phishing Malware Spyware DDOS 141